target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model SapphireRapids has bit 13, 14 and 15 of MSR_IA32_ARCH_CAPABILITIES enabled, which are related to some security fixes. Add version 2 of SapphireRapids CPU model with those bits enabled also. Signed-off-by: Lei Wang <lei4.wang@intel.com> Signed-off-by: Tao Su <tao1.su@linux.intel.com> Message-ID: <20230706054949.66556-6-tao1.su@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

commit: 3baf7ae63505eb1652d1e52d65798307fead8539 [log] [tgz]
author: Lei Wang <lei4.wang@intel.com> Thu Jul 06 13:49:48 2023 +0800
committer: Paolo Bonzini <pbonzini@redhat.com> Fri Jul 07 12:52:27 2023 +0200
tree: 49f731a2daba2de499d758105b35aff2ff60ca24
parent: 6c43ec3b206956a8a3008accafe9eb2dfd885190 [diff]
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 852c45b..ec22907 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c

@@ -3944,8 +3944,17 @@
         .model_id = "Intel Xeon Processor (SapphireRapids)",
         .versions = (X86CPUVersionDefinition[]) {
             { .version = 1 },
-            { /* end of list */ },
-        },
+            {
+                .version = 2,
+                .props = (PropValue[]) {
+                    { "sbdr-ssdp-no", "on" },
+                    { "fbsdp-no", "on" },
+                    { "psdp-no", "on" },
+                    { /* end of list */ }
+                }
+            },
+            { /* end of list */ }
+        }
     },
     {
         .name = "Denverton",
commit	3baf7ae63505eb1652d1e52d65798307fead8539	[log] [tgz]
author	Lei Wang <lei4.wang@intel.com>	Thu Jul 06 13:49:48 2023 +0800
committer	Paolo Bonzini <pbonzini@redhat.com>	Fri Jul 07 12:52:27 2023 +0200
tree	49f731a2daba2de499d758105b35aff2ff60ca24
parent	6c43ec3b206956a8a3008accafe9eb2dfd885190 [diff]